CVE-2024-54178

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8,5.0,5.1,5.2,5.3 could allow an authenticated user to cause a denial of service when creating new databases due to improper allocation of resources...

CVE-2024-54178

CVE-2024-54178 concerns IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data, affecting versions 4.8, 5.0, 5.1, 5.2, and 5.3. An authenticated user can cause a denial of service when creating new databases due to improper allocation of resources. The CVSS data indicates a Network...

EUVD-2024-55643

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8,5.0,5.1,5.2,5.3 could allow an authenticated user to cause a denial of service when creating new databases due to improper allocation of resources...

CVE-2024-54178 Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data.

IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8,5.0,5.1,5.2,5.3 could allow an authenticated user to cause a denial of service when creating new databases due to improper allocation of resources...

CVE-2026-44221

ArcadeDB prior to version 2.6.4 (also referenced as 26.4.2 in some advisories) contains a cross-database authorization bypass. Two defects enable authenticated principals to bypass both record-level and database-level controls: (1) ServerSecurityUser.getDatabaseUser() returns a DB user with an un...

Authorization Bypass

com.arcadedb, arcadedb-server is vulnerable to Authorization Bypass. The vulnerability is due to improper initialization of access controls and missing security configuration during database creation, which allows an attacker to bypass database and record-level authorization restrictions...

CVE-2025-41007 SQL Injection in Cuantis

SQL Injection in Cuantis. This vulnerability allows an attacker to retrieve, create, update and delete databases through the 'search' parameter in the '/search.php' endpoint...

GHSA-2F9H-23F7-8GCX AVideo affected by unauthenticated application takeover via exposed web installer on uninitialized deployments

Summary The install/checkConfiguration.php endpoint performs full application initialization — database setup, admin account creation, and configuration file write — from unauthenticated POST input. The only guard is checking whether videos/configuration.php already exists. On uninitialized...

CVE-2019-25451

phpMoAdmin 1.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized database operations by crafting malicious requests. Attackers can trick authenticated users into submitting GET requests to moadmin.php with parameters like action, db, and collectio...

CVE-2019-25447

OrientDB 3.0.17 GA Community Edition contains cross-site request forgery vulnerabilities that allow attackers to perform unauthorized actions by crafting malicious requests to endpoints like /database/, /command/, and /document/. Attackers can create or delete databases, modify schema classes,...

CVE-2017-18421

cPanel before 66.0.2 allows demo accounts to create databases and users SEC-271...

EUVD-2010-1200

Malware in sbrugna...

EUVD-2008-3187

Malware in sbrugna...

EUVD-2006-3855

Malware in sbrugna...

EUVD-2025-32129

Malicious code in bioql PyPI...

Incorrect Default Permissions

Overview Affected versions of this package are vulnerable to Incorrect Default Permissions in the process that handles file uploads and database creation. An attacker can gain unauthorized access to sensitive files by leveraging default file permissions that allow any operating system account to...

Incorrect Default Permissions

Overview Affected versions of this package are vulnerable to Incorrect Default Permissions in the process that handles file uploads and database creation. An attacker can gain unauthorized access to sensitive files by leveraging default file permissions that allow any operating system account to...

CVE-2025-46688

creationtimestamp| type| source ---|---|--- 2025-04-27 20:09:40+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13633 2025-04-27 21:40:22+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnt7ox45mx2j 2025-04-27 23:00:35+00:00| seen|...

CVE-2024-10515

creationtimestamp| type| source ---|---|--- 2024-11-20 06:09:23+00:00| seen| https://infosec.exchange/users/cve/statuses/113513789041612316 2024-11-20 07:53:19+00:00| seen| https://t.me/cvedetector/11560...

How to Manually Create a Database for Provisioning Services

This article describes how to manually create a database for Provisioning Services when the database administrator prefers to create the database manually. Requirements The DbScript.exe file located in “C:\Program Files\Citrix\Provisioning Services”. SQL Database Server. SysAdmin privileges to ru...